Jump to:navigation, search
Wiki

Securepoint Mail Security with Office365

From Securepoint Wiki





























In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
Diese Seite wird auf folgenden Seiten eingebunden

























































  • Select Connection with  Partnerorganisation }}































  • Note

    This article includes descriptions of third-party software and is based on the status at the time this page was created.
    Changes to the user interface on the part of the manufacturer are possible at any time and must be taken into account accordingly in the implementation.
    All information without warranty.










    • Example configuration of Mail Security with Office 365

    Last adaptation to the version: 2025.10

    New:
    • New Office 365 Integration with Assistant
    • Routes are authenticated via a TXT record in the domain and are immediately available
    • Active routes are now displayed with an enabled button
    notempty
    This article refers to a Beta version
    Access: mailsecurity.securepoint.de mail.security

    Introduction

    This HowTo describes how to set up Securepoint Mail Security with Microsoft Office 365.

    An email sent to an Microsoft office 365 mailbox is first received by the upstream Securepoint Mail Security.
    Securepoint Mail Security scans the email for spam and malware. If non is detected, Mail Security forwards the email to the Office 365 mailbox.

    The same applies to outgoing emails. When an email is sent from an Office 365 mailbox, Mail Security checks the outgoing email after it is sent from Office 365 for spam and malware. If no threats are detected, Mail Security forwards the email to its final destination.


    Office 365 Integration

    notempty

    For NFR Licenses Only New as of 11.2025

    Office 365 integration with assistant
    The following setup steps are required:

    1. Set up an inbound and outbound route in Mail Security
    2. Configure Office 365, assign domain, set up receive and send connectors
    3. Adjust the DNS entries
    notempty
    This order is important to ensure that emails can continue to be delivered during setup process.














    Fig.1
    • Access the synchronization menu under mail.security O365
    • Click the button Start O365 Synchronization
    Fig.2
  • Select a Microsoft user account with admin rights
    Required permissions:
  • Sign in and read user profile
  • Read Domains
  • Read all users' full profiles
  • If the required permissions are missing, a notice will appear and the assistant cannot proceed
    • Fig.3
    Accept
    Fig.4
    Domain Preview
    Fig.5
    Select the desired domain and click Next
    Fig.6
    Domain is added (green circle with a checkmark in the last column)
    Next
    Display during repeated synchronization
    Fig.7
    Select mailboxes Sync
    Fig.8
    It is recommended to set up a Catch-All address
    Fig.9
    Create Route
    Fig.10
    Entries that were already synchronized previously are skipped
    Fig.11
    An incoming route and an outgoing route have been created automatically
    Fig.12
    When synchronizing repeatedly, previously created mailboxes are displayed with a green circle with a checkmark in the last column


    Set up Microsoft 365

    Configure the receive connector

    A receive connector must be configured so that the Microsoft Exchange Online can receive emails from Mail Security.

    1. New Connector: Select Connection from  Partner organization, Connection to will then be filled in automatically
    2. Name: Choose an appropriate name and optionally a description
    3. Sent email will be authenticated: select the second option and enter the IP address from the welcome email, then click on to ensure the IP address is added
      the welcome email is received after ordering mail security
    4. Security restrictions: The desired security restrictions can be configured
    5. Verify connector: After succesfully testing the configuration, the receive connector is ready to use














    Configure send connector

    A send connector must be configured so that Microsoft Exchange can send emails to Securepoint Mail Security

    1. New Connector: Select Connection from  Office 365, Connection with  Partnerorganisation
    2. name: Choose an appropriate name and optionally add an description
    3. Usage of the connector:  Only, when I have set up a transport rule that redirects messages to this connector
    4. Routing:  route email through these smarthosts and use the smarthost from the outbound route in Mail Security under the Relay section
    5. Security restrictions: Configure as desired
    6. Validation email: Email address for verification
    7. Verify connector: After succesfully testing the configuration, the send connector is ready for use

    Afterward, a rule must be added to ensure this send connector can be used.














    Add rule

    After the send connector has been set up, a rule must be created in Microsoft Office 365 to ensure that this connector can be used.

    1. In the burger menu, select Create a new rule
    2. Set the rule conditions:
      1. Choose an appropriate name
      2. Apply this rule, if: the recipient is external/internal outside the organization
      3. Proceed as followed: Redirect message to the following connector and select the previously created connector there
    3. Set rule settings: Adjust the conditions of this rule as desired
    4. Review and complete: The configuration can be reviewed again and corrected if necessary
    5. Use the Finish button to create this rule
    notempty
    After the creation, the rule must be activated manually. Until it is activated, no emails will be routed through Mail Security

    To minimize downtime and avoid potential errors, the rule should only be activated after the MX record has already been switched to

    Mail Security!













    Adjust DNS entries

    First, two DNS entries of the affected domain must be adjusted, as emails are to be routed through the Mail Security server to Microsoft Office 365.
    managed via the domain's DNS management
    • The MX record must be set to mx.mymailwall.com
    • the SPF record must be updated to include mymailwall.com
    This can be verified using the following terminal command: host -t mx DOMAIN
    host -t mx mx.ttt-point.de
    mx.ttt-point.de mail is handled by 10 mx.mymailwall.com.

    Once the DNS entries have been succesfully redirected, the previously created rule can be activated


    Retrieved from "https://wiki.securepoint.de/index.php?title=Mailsecurity/Office365&oldid=100291"